Sunday, February 26, 2017

on Safari Books online I have watched the entire course by Greg Turnquist, the material is really well done, hands on and practical....
Spring Boot is the best product I have seen since a long time, it has a learning curve but it allows you to write formidably compact applications.

Saturday, February 18, 2017

connecting Chrome to a local development WebLogic that was using a WebServer certificate that was revoked in the CRL list, I got this message:

Your connection is not private
Attackers might be trying to steal your information from localhost (for example, passwords, messages, or credit cards).
NET::ERR_CERT_REVOKED
Automatically report details of possible security incidents to Google. Privacy policy
ReloadHide advanced
localhost normally uses encryption to protect your information. When Google Chrome tried to connect to localhost this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be localhost, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.
You cannot visit localhost right now because this certificate has been revoked. Network errors and attacks are usually temporary, so this page will probably work later.

Once I started Chrome with "chrome.exe --ignore-certificate-errors" the connection is accepted, I just get a warning "you are using an unsupported command-line flag: --ignore-certificate-errors. Stability and security will suffer "

IMHO logging is the weakest point in application development, the Cinderella of IT.
Most people don't log enough information to enable effective troubleshooting, the context is lost, changing logging level in PROD is hell, if you enable debug level you end up being flooded with unwanted info, most of the time operators don't even have instructions on how to do it.
Besides one is interested in knowing what happened immediately before an error occurred, so one should always have like a Flight Recorder with some history preceding the error and ready to be dumped when this happens.
Also, frameworks like ByteBuddy or Btrace or AOP products allows you to dynamically define loggers... logging is a cross-cutting concern, it should not be interspersed in the business code cluttering it. Just define what to log in a separate module - configuration and convention over code.
Here at OverOps they seem to bring some value:

In Eclipse, if you go to Window/Preferences , Java/Build Path/Classpath Variable , there you see M2_REPO as "not modifiable".
to change it, you should to to Window/Preferences/ Maven / User Settings and point to the location of your settings.xml where you have defined localRepository to the value D:\pierre\.m2\repository (for example).